[Ltb-users] Password was refused by the LDAP directory
clem.oudot at gmail.com
Fri Sep 19 12:34:33 CEST 2014
2014-09-19 12:06 GMT+02:00 Robert Ludvik <robert.ludvik at zd-lj.si>:
> I use LDAP server 389-ds, version 1.2 (http://www.port389.org/) and Samba
> I set up LTB and it works fine - I can change userPassword as well as
> Samba password.
> Our security requests are that users should not reuse last 5 passwords.
> This cannot be set up with LTB, AFAIK, but should be set in LDAP server.
Right, password history can be managed in LDAP server.
> If I enable password syntax checking in 389-ds Admin console like this:
Well, this has nothing to do with password history, you configured here
> the LTB continue to report "Password was refused by the LDAP directory"
> even if I enter new password within these requests. I found out it reports
> LDAP error 19:
> (Indicates that the attribute value specified in a modify, add, or modify
> DN operation violates constraints placed on the attribute. The constraint
> can be one of size or content (string only, no binary).)
As you said, the LDAP server refuses the password.
> But, I can change password via Windows Ctrl-Alt-Del -> Change password.
I think the password is changed on AD, not on 389 server.
> Can someone please help me with this /point to what could be wrong?
> My LTB conf settings:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ltb-users